Request user input as part of playbook automation.
Sometimes playbook steps require input that can't be fully automated. You can now set up playbook automation to request information using a form and incorporate selected responses in the playbook. See Create forms for user input.
FetchAlerts operator returns specified alerts in a playbook.
Manage your SOC with custom statuses and priorities.
Cases can now include the same statuses and priorities that you track in your SOC, and workflows allow you to determine the allowable status transitions. See Create settings for cases.
Deploy detection content in bulk
Detections can now be added to LogicHub in bulk, significantly reducing the time required to set up detections in your environment.
Find unpublished modules or custom integrations and push them to the content exchange.
Allow users to find all the unpublished content (modules/custom integrations) and publish the content in bulk.